My opinion on cyber and other interesting things: @k@chaos.social, @k@masts.lv
Please note: page was last updated 03NOV2024.
Find more stuff in my GitHub repositories! Looking for 2003-2013 archive on Skype protocol research and analysis?
Get in touch with me about other matters: research [at] kirils.org
Subject | Date | Language and title (mouse-over for abstract) | Event (country) | Materials | |||
---|---|---|---|---|---|---|---|
2024 | |||||||
NET | 22NOV | Remotely snooping on traffic patterns using network protocols | DeepSec IDSC 2024 | coming soon | |||
SECURITY | 03NOV | So you're interested in social engineering? The very first steps | OpenFest | new! slides | |||
GSM, VULN | 02NOV | MITM on PSTN – novel methods for intercepting phone calls | OpenFest | coming soon | |||
NET | 26OCT | Remotely snooping on traffic patterns using network protocols | BSides Berlin | new! slides | |||
SECURITY | 03OCT | DNS on steroids | Cyberchess 2024 | new! slides | coming soon | ||
NET | 21SEP | Remotely snooping on traffic patterns using network protocols | BalCCon2k24 | new! slides | coming soon | ||
NET | 06SEP | Remotely snooping on traffic patterns using network protocols | AlligatorCon Europe 2024 | ||||
SECURITY | 30APR | What every business should know about cyberrisks | LTRK biedru seminārs | new! video | |||
SECURITY | 19APR | The Evolution of Cyber Threats: From Network Attacks to Advanced AI Exploits | Tech and startup event TechChill | new! video | more | ||
PRIVACY | 26MAR | Anonymous identity online | Smart-ID izstrādātāju brokastis | new! slides | new! video | ||
SECURITY, LEGAL | 13MAR | Cyber security implementation practices, compliance and legal considerations in the field of cyber security | Tehnoloģiju transformācija | new! slides | more | ||
2023 | |||||||
GSM, VULN | 12DEC | MITM attacks on the public switched telephone network | Esi drošs | slides | new! video | more | |
GSM, VULN | 24NOV | MITM on PSTN – novel methods for intercepting phone calls | DefCamp | slides | new! video | more | |
PRIVACY | 02NOV | Privacy vs Quantum: a false dichotomy | SK Annual Conference | video | more | ||
PRIVACY | 21OCT | NOTH1NG T0 HID3 (v9) | Computer Security Conference "No Hat" | slides | more | ||
PRIVACY | 14OCT | NOTH1NG T0 HID3 (v8) | Hackfest 2023 - Back to the Future | slides | new! video | more | |
GSM, VULN | 13OCT | MITM on PSTN – novel methods for intercepting phone calls | Hackfest 2023 - Back to the Future | slides | new! video | more | |
SECURITY | 28SEP | Cyberreality of Latvia | Kibernakts'23 | slides | video | more | |
GSM, VULN | 23SEP | MITM on PSTN – novel methods for intercepting phone calls | Nullcon | video | coming soon | ||
SECURITY | 10SEP | MITM on PSTN – novel methods for intercepting phone calls | BalCCon2k23 | video | more | ||
SECURITY | 16AUG | So you're interested in social engineering? The very first steps | Chaos Communication Camp 2023 | slides | video | more | |
GSM, VULN | 15JUN | MITM on PSTN – a novel method for intercepting phone calls | TyphoonCon | slides | more | ||
PRIVACY | 05JUN | NOTH1NG T0 HID3: how to hack privacy (v7) | HackCodeX | more | |||
SECURITY | 25MAY | Trenches on the digital front | Sarunu festivāls "Lampa" | video | more | ||
POLICY | 19MAY | The strengths & weaknesses of the known tools for circumventing digital censorship | INTERNET WITHOUT BORDERS Conference and Hackathon against cyber censorship | on demand | more | ||
VISION | 12MAY | Democracy and security | Demokrātijas akadēmija. Ar skatu nākotnē. | new! video | more | ||
SECURITY | 11MAY | What every business should know about cyber security: practical tips and advice | SORAINEN vebinārs "Apdrošināšana pret kiberuzbrukumiem" | slides | video | more | |
AI, SECURITY | 27APR | Securing the Future: Balancing Cybersecurity and Innovation | Tech and startup event TechChill | video | more | ||
SECURITY | 30MAR | Usage of mobile devices in high-risk conditions | Esi drošs | slides | video | more | |
2022 | |||||||
VISION | 02DEC | IT (in)security | Celtspēja | slides | more | ||
SECURITY | 01DEC | Cybersecurity: Trends and challenges for financial service providers | Fintech Latvia Breakfast | video | |||
HW | 30NOV | WearSec: Towards Automated Security Evaluation of Wireless Wearable Devices | NordSec 2022 | paper | more | ||
SECURITY | 26OCT | Getting Physical: Meet Local Hackers Near $AREA | CyberShield 2022 | slides | |||
SECURITY | 26OCT | Everyday social-engineering in the Baltics | CyberShield 2022 | slides | |||
SECURITY | 25SEP | Screaming into the void: All e-signatures in the world are broken! | BalCCon2k22 | video | |||
VISION | 23SEP | There once was a "we" in "web" | BalCCon2k22 | slides | video | ||
SECURITY | 09JUN | Data protection and cybersecurity challenges in the provision of remote services | Pārmaiņu paātrinājums | on demand | more | ||
MILITARY | 25JUL | The War in Ukraine: Cyberfront | MCH2022: May Contain Hackers | video | |||
SECURITY | 23JUL | Screaming into the void: All e-signatures in the world are broken! | MCH2022: May Contain Hackers | slides | video | ||
SECURITY | 02JUN | Cyber-resilience as a Pillar | 15th Annual Scientific Baltic Business Management Conference | video | more | ||
PRIVACY | 13MAY | Friends o̶r̶ and privacy | RTU Karjeras izaugsmes festivāls SOLIS 2022 | more | |||
HACKING | 29APR | Whitehacking: Being on the Right Side of History | Tech and startup event TechChill | video | more | ||
2021 | |||||||
VISION | 21AUG | Cryptocurrencies and money laundering. How to prevent these crimes? | Sarunu festivāls "Lampa" | video | more | ||
ENERGY | 29JAN | Improvement of smart building management systems' functional capability for the increase of energy efficiency and thermal comfort | paper | slides | |||
2020 | |||||||
PRIVACY | 16APR | NOTH1NG T0 HID3 [exclusively for SWG] | |||||
PRIVACY | 14FEB | NOTH1NG T0 HID3 (v5) | Disobey | video | |||
PRIVACY | 11FEB | On Privacy | SkeptiCafe | video | |||
2019 | |||||||
PRIVACY | 28DEC | NOTH1NG T0 HID3: go out and fix privacy! (v4) | 36C3 "Resource Exhaustion" | slides | video | ||
RF, REVENG | 30NOV | Security alarm system — feeling of security or cause for alarm? | SigSegV2 | ||||
VISION | 21NOV | Patches will fail us. The future of IT defence. | IRISSCON2019 | video | |||
SECURITY | 03NOV | The leak of billions of passwords | OpenFest | slides | video | ||
PRIVACY | 01NOV | NOTH1NG T0 HID3 (v3) | Investigative Film Festival Skopje | ||||
PRIVACY | 25OCT | NOTH1NG T0 HID3: Should we fix privacy? (v2) | PrivacyWeek | slides | video | ||
NET | 03OCT | All the Animals are sad in the Zoo | ISACA/CERT.LV "Cyberchess 2019" | slides | video | ||
PRIVACY | 15SEP | NOTH1NG T0 HID3: Should we fix privacy? (v1) | BalCCon2k19 | slides | video | ||
SECURITY | 13SEP | The leak of billions of passwords | BalCCon2k19 | slides | video | ||
REVENG | 07SEP | r2lrn - Your Personal Interactive Teacher | r2con 2019 | slides | video | more | |
PRIVACY | 17AUG | Toll of personal privacy in 2019 | AlligatorCon Europe 2019 | more | |||
SECURITY, REVENG | 19JUN | Quickstart: RouterOS jailbreaking and security research | Hack In Paris | slides | more | ||
SECURITY, REVENG | 13JUN | RouterOS vulnerabilities and malware campaigns | TyphoonCon | slides | |||
SECURITY | 03JUN | Analysis of the "10 billion" aka Collection #1 password leak | CONFidence | video | more | ||
PRIVACY | 28MAY | Toll of personal privacy in 2018 | DevClub Tallinn (72nd) | video | |||
SECURITY | 23MAY | So what if I don't renew my domain name? | .LV Registrars' conference | on demand | more | ||
SECURITY | 08MAY | You* will get hacked | infoShare | video | |||
LOBBYING | 30MAR | TRUTH | Studentijas Akadēmija IV | slides | more | ||
SECURITY | 23MAR | Analysis of the "10 billion" aka Collection #1 password leak | Le Tour Du Hack | video | more | ||
RF, REVENG | 02MAR | Security alarm system — feeling of security or cause for alarm? | Nullcon | slides | video | more | |
SECURITY, PRIVACY | 21FEB | On Cybersecurity and Privacy | video | ||||
VISION | 12FEB | How cyberwar can be defeated | CyberNorth Warm Up @Riga | video | more | ||
SECURITY | 29JAN | Exclusive interview with a white-hat hacker | TVNET | video | more | ||
2018 | |||||||
PRIVACY | 27DEC | Toll of personal privacy in 2018 | 35C3 "Refreshing memories" | slides | video | ||
SECURITY | 06DEC | So what if I don't renew my domain name? | Esi drošs | slides | video | more | |
HW, SECURITY | 01DEC | The state of MikroTik security. An overview. | SigSegV1 | slides | video | ||
HW, REVENG | 28NOV | Horror on the bus: Hacking COMBUS in a Paradox security system | Hack In The Box Dubai | slides | video | ||
HW, REVENG | 16NOV | How reversing the COMBUS protocol resulted in breaking security of a security system | IT-SECX | slides | video | ||
HW, REVENG | 02NOV | Horror on the bus: Hacking COMBUS in a Paradox security system | Hackfest "Decade" | slides | video | ||
SECURITY | 10OCT | The state of MikroTik security. An overview. | HackIT 4.0 | slides | |||
PRIVACY | 15SEP | Toll of personal privacy in 2018 | BalCCon2k18 | slides | video | ||
SECURITY | 14SEP | Impact of domain name drop-catching on business security | BalCCon2k18 | slides | video | ||
SECURITY | 15AUG | IT security. This is where we are… Where are we going with this? | Swedbank Seedtalks | slides | more | ||
RFID | 20JUL | RFID attacks and Proxmark hands-on | FSec IoT Hacking Summer School | slides | more | ||
NET | 20JUL | Live network forensics and reversing network protocols | FSec IoT Hacking Summer School | slides | more | ||
REVENG | 10JUL | Reverse engineering basics | DevClub Tallinn (62nd) | slides | video | ||
WEB | 15JUN | JavaScript security: a retrospective | FrontCon | slides | video | ||
SECURITY | 17MAY | Wash your hands before using a computer! | ELKO MeetUP 2018 | video | |||
POLICY | 20APR | Domain name take down and blocking trends in the Baltics | Baltic Domain Days | slides | more | ||
LEGAL | 19APR | Should the registries and registrars be responsible for the content on the internet? | Baltic Domain Days | more | |||
SECURITY | 22MAR | OPSEC and defense against social engineering | Security focused DevClub Riga (64th) | slides | video | more | |
2017 | |||||||
POLICY | 01DEC | Should anonymous comments be allowed on the internet? | QUO Tu domā? | video | |||
LOBBYING | 05NOV | Your Voice in the Government (the non-partisan way) | OpenFest | slides | video | ||
HW, REVENG | 21OCT | Tools for effortless reverse engineering of MikroTik routers | Hacktivity | slides | video | more | |
POLICY | 05OCT | Online censorship and its security impact | ISACA/CERT.LV "Cyberchess 2017" | slides | video | more | |
VISION | 27SEP | Cybersecurity challenges of the past & the future | Visit of Prime Minister of The Republic of Latvia to the Kingdom on the Netherlands | slides | |||
HW | 15SEP | A deeper journey into MikroTik routers | BalCCon2k17 | slides | video | more | |
HW | 06AUG | Rooting the MikroTik routers | SHA2017: Still Hacking Anyway | slides | video | more | |
NET | 05AUG | Network concepts introduction & wireshark workshop | SHA2017: Still Hacking Anyway | slides | video | more | |
SECURITY | 30JUN | The digital age. Will you be able to safeguard your data? | Sarunu festivāls "Lampa" | slides | more | ||
POLICY | 29JUN | Copyright is not keeping up with our runaway culture | paper | ||||
CRYPTO | 30MAY | How they SHAttered Latvian eID | CERT-EE Symposium 2017 | ||||
SECURITY | 06APR | Social networks — an attack vector | Esi drošs | slides | video | more | |
NET | 28MAR | Internet of Things: risks, tips, future | Digital Security Day | slides | video | more | |
SECURITY | 20FEB | Operation "Hackers' Wonders" | "Aizliegtais paņēmiens" | video | |||
2016 | |||||||
WEB | 30DEC | A visual story about JavaScript | 33C3 "Works for me" | slides | video | ||
NET | 28DEC | SIPSA anonymization protocol | 33C3 "Works for me" | slides | |||
NET | 27DEC | Network concepts introduction & wireshark workshop | 33C3 "Works for me" | slides | |||
NET | 15OCT | The theory behind SIPSA anonymization protocol | Joint Estonian-Latvian Theory Days | slides | |||
RDP, POLICY | 06OCT | Legal, technical and coordination challenges of the responsible disclosure process | ISACA/CERT.LV "Cyberchess 2016" | video | more | ||
RDP, VULN | 06OCT | Responsible disclosure process – vulnerabilities of IP security cameras | ISACA/CERT.LV "Cyberchess 2016" | slides | video | more | |
SECURITY | 01OCT | Security audit process of a WordPress instance | WordCamp Riga | slides | video | ||
NET | 09SEP | SIPSA — One step closer to real anonymity on the internet | BalCCon2k16 | slides | video | more | |
SECURITY | 01SEP | History and contemporary challenges of IT security research | slides | ||||
RDP | 31MAY | Responsibly fixing cross-border hardware vulnerabilities | CERT-EE Symposium 2016 | slides | |||
2015 | |||||||
RDP, POLICY | 11OCT | Responsible vulnerability disclosure policy: steps for initial engagement of the target audiences | paper | ||||
POLICY | 28JUL | Regulation No 442 of the Cabinet of Ministers of the Republic of Latvia "Procedures for ensuring information and communication technology system compliance to the minimal security requirements" | “Latvijas Vēstnesis”, the official publisher of the Republic of Latvia | paper | |||
POLICY | 29APR | Amendments to the Law On the Security of Information Technologies: safer environment and additional requirements | Esi drošs-2 | slides | |||
2014 | |||||||
POLICY | 16OCT | Security challenges of Latvian ICT during the EU presidency | ISACA/CERT.LV annual conference | slides | video | ||
VULN | 02OCT | Security problem in "Rīgas Satiksme" ticketing system "E-talons" | on demand | more | |||
TLS | 22APR | TLS and Heartbleed | IT drošības specseminārs | slides | |||
VULN | 16APR | Vulnerabilities of e-maks.lv | on demand | more | |||
RFID | 18FEB | RFID | IT drošības specseminārs | slides | |||
LINUX | 25JAN | ddwrt-nvram-tool | more | ||||
2013 | |||||||
VULN | 13NOV | Deficiency in the Invalid Document Register | on demand | more | |||
VULN | 04NOV | Interesting "function" within Swedbank mobile app | on demand | more | |||
VULN | 23OCT | The practical side of IT security in Latvia | ISACA/CERT.LV annual conference | slides | video | ||
GSM | 08AUG | Security of mobile phone communications | CERT.LV Drošības ekspertu grupa | slides | |||
SECURITY | 08AUG | Analysis of Magneto malware incident | CERT.LV Drošības ekspertu grupa | slides | |||
POLICY | 06AUG | E-governance. Security. Thought experiments. | LU un LMT Datorzinātņu dienas | slides | video | ||
NET | 08APR | Attacking wireless network clients using MITM | slides | ||||
NET | 08APR | Technologies of the internet | slides | ||||
NET | 13JAN | webservertools | more | ||||
MAGSTRIPE | 05JAN | libMSRx05 | more | ||||
RFID | 05JAN | libCRx0x | more | ||||
2011 | |||||||
SECURITY | 10AUG | Security on the internet | LU un LMT Datorzinātņu dienas | slides | |||
VOIP | 01JUN | Improvement of jitter-buffer management algorithm for time-critical traffic | paper | slides | |||
2010 | |||||||
LEGAL | 29DEC | Skype's Bag of Legal Tricks | 27C3 "We come in peace" | slides | video | ||
2009 | |||||||
GSM, AI | 11JUN | SMS system "sms.id.lv" | paper | slides | |||
2008 | |||||||
AI | 19JUN | Visualisation of action plans | paper | slides | |||
2007 | |||||||
NET | 12JUN | Modernisation of the computer network at Riga State Gymnasium No. 1 | on demand | slides | |||
2006 | |||||||
CRYPTO | 13DEC | Description of SASH-1280 | paper | ||||
LINUX | 19APR | Linux command line interface – the console | paper |